mcp-dnstwist
MCP server for advanced domain fuzzing and phishing detection.
Key Features
Use Cases
README
DNStwist MCP Server
A Model Context Protocol (MCP) server for dnstwist, a powerful DNS fuzzing tool that helps detect typosquatting, phishing, and corporate espionage. This server provides tools for analyzing domain permutations and identifying potentially malicious domains. It is designed to integrate seamlessly with MCP-compatible applications like Claude Desktop.
⚠️ Warning
This tool is designed for legitimate security research purposes. Please:
- Only analyze domains you own or have permission to test
- Respect rate limits and DNS server policies
- Use responsibly and ethically
- Be aware that some DNS servers may rate-limit or block automated queries
- Consider the impact on DNS infrastructure when running large scans
Requirements
- Node.js (v18 or later)
- Docker
- macOS, Linux, or Windows with Docker Desktop installed
Quick Start
Installing via Smithery
To install DNStwist for Claude Desktop automatically via Smithery:
npx -y @smithery/cli install @burtthecoder/mcp-dnstwist --client claude
Installing Manually
-
Install Docker:
- macOS: Install Docker Desktop
- Linux: Follow the Docker Engine installation guide
-
Install the server globally via npm:
npm install -g mcp-dnstwist
- Add to your Claude Desktop configuration file:
{
"mcpServers": {
"dnstwist": {
"command": "mcp-dnstwist"
}
}
}
Configuration file location:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
- Restart Claude Desktop
Alternative Setup (From Source)
If you prefer to run from source or need to modify the code:
- Clone and build:
git clone <repository_url>
cd mcp-dnstwist
npm install
npm run build
- Add to your Claude Desktop configuration:
{
"mcpServers": {
"dnstwist": {
"command": "node",
"args": ["/absolute/path/to/mcp-dnstwist/build/index.js"]
}
}
}
Features
- Domain Fuzzing: Generate domain permutations using various algorithms
- Registration Check: Verify if permutated domains are registered
- DNS Analysis: Check A, AAAA, MX, and NS records
- Web Presence: Capture HTTP banner information
- WHOIS Data: Retrieve registration dates and registrar information
- Phishing Detection: Generate fuzzy hashes of web pages
- Configurable: Custom DNS servers and parallel processing
- Multiple Formats: Support for json, csv, and list output formats
Tools
Domain Fuzzing Tool
- Name:
fuzz_domain - Description: Generate and analyze domain permutations to detect potential typosquatting, phishing, and brand impersonation
- Parameters:
domain(required): Domain name to analyze (e.g., example.com)nameservers(optional, default: "1.1.1.1"): Comma-separated list of DNS serversthreads(optional, default: 50): Number of threads for parallel processingformat(optional, default: "json"): Output format (json, csv, list)registered_only(optional, default: true): Show only registered domainsmxcheck(optional, default: true): Check for MX recordsssdeep(optional, default: false): Generate fuzzy hashes of web pagesbanners(optional, default: true): Capture HTTP banner information
Example:
{
"domain": "example.com",
"nameservers": "1.1.1.1,8.8.8.8",
"threads": 50,
"format": "json",
"registered_only": true,
"mxcheck": true,
"banners": true
}
Troubleshooting
Docker Issues
- Verify Docker is installed and running:
docker --version
docker ps
- Check Docker permissions:
- Ensure your user has permissions to run Docker commands
- On Linux, add your user to the docker group:
sudo usermod -aG docker $USER
Common Issues
-
DNS resolution problems:
- Verify DNS servers are accessible
- Try alternative DNS servers (e.g., 8.8.8.8)
- Check for rate limiting or blocking
-
Performance issues:
- Adjust thread count based on system capabilities
- Consider network bandwidth and latency
- Monitor DNS server response times
-
After fixing any issues:
- Save the configuration file
- Restart Claude Desktop
Error Messages
- "Docker is not installed or not running": Install Docker and start the Docker daemon
- "Failed to parse dnstwist output": Check if the domain is valid and the format is correct
- "Error executing dnstwist": Check Docker logs and ensure proper permissions
- "DNS server not responding": Verify DNS server accessibility and try alternative servers
Contributing
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
License
This project is licensed under the MIT License - see the LICENSE file for details.
Star History
Repository Owner
User
Repository Details
Programming Languages
Join Our Newsletter
Stay updated with the latest AI tools, news, and offers by subscribing to our weekly newsletter.
Related MCPs
Discover similar Model Context Protocol servers
domain-lookup-mcp
MCP server for domain name lookup using RDAP and WHOIS.
Provides an MCP-compliant server that allows clients to perform domain name lookups via RDAP and WHOIS protocols. The tool is built in Go and can be directly integrated with any MCP client configuration. It automates the retrieval of domain registration details, streamlining the process of accessing authoritative domain information.
- ⭐ 5
- MCP
- dotemacs/domain-lookup-mcp
Maigret MCP Server
OSINT username and URL search server for the Model Context Protocol.
Maigret MCP Server provides Model Context Protocol (MCP) integration for the Maigret OSINT tool, enabling AI and context-aware applications to search for usernames across hundreds of social networks and analyze URLs. Designed for seamless operation with MCP-compatible clients like Claude Desktop, it supports multiple output formats and advanced filtering options. The server can be installed via Docker or npm, offers Docker-based deployment for consistent performance, and facilitates responsible OSINT research.
- ⭐ 205
- MCP
- BurtTheCoder/mcp-maigret
Shodan MCP Server
Query Shodan network intelligence and CVEDB via standardized MCP integration.
Shodan MCP Server provides an MCP-compliant interface to query the Shodan API and Shodan CVEDB for network intelligence, device discovery, and vulnerability data. It integrates with platforms like Claude Desktop, enabling structured, formatted results for seamless AI workflows. Key functionalities include IP reconnaissance, DNS operations, vulnerability lookups, and internet-connected device searches. Easy installation options are available via npm, Smithery, or from source.
- ⭐ 83
- MCP
- BurtTheCoder/mcp-shodan
VirusTotal MCP Server
Security analysis server for VirusTotal with comprehensive relationship data, compatible with MCP-enabled applications.
VirusTotal MCP Server is a Model Context Protocol server that interfaces with the VirusTotal API to deliver detailed security analysis of URLs, files, IPs, and domains. It provides comprehensive reports with automatically fetched relationship data, supporting rich security insights in a single request. Designed for seamless integration with MCP-compatible clients like Claude Desktop, it supports easy installation and flexible configuration options.
- ⭐ 88
- MCP
- BurtTheCoder/mcp-virustotal
mcp-recon
Conversational reconnaissance interface and MCP server for HTTP and ASN analysis.
mcp-recon acts as a conversational interface and Model Context Protocol (MCP) server, enabling seamless web domain and ASN reconnaissance through natural language prompts. It integrates powerful tooling like httpx and asnmap to conduct lightweight or full HTTP analysis and ASN lookups, exposing these capabilities to any MCP-compatible AI assistant. With predefined prompts and Docker-based deployment, it streamlines infrastructure analysis via AI interfaces such as Claude Desktop.
- ⭐ 22
- MCP
- nickpending/mcp-recon
MobSF MCP Tool
MCP-compatible interface for MobSF APK and IPA scanning
MobSF MCP Tool enables integration of the Mobile Security Framework (MobSF) with the Model Context Protocol, allowing direct scanning and analysis of APK and IPA files through any MCP-capable client, such as Claude or 5ire. It leverages MobSF's REST API to automate file uploads, scan initiation, and report retrieval. The tool optimizes output for AI model contexts by filtering out overly large results and provides example configurations for seamless integration with leading AI desktop apps.
- ⭐ 15
- MCP
- pullkitsan/mobsf-mcp-server
Didn't find tool you were looking for?